CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-2101

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1150%
EPSS Percentile28.96th
Published2007年4月18日
Last Modified2026年4月23日

Vulnerability Description

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

📦
Fac Guestbook

Fac Guestbook

= 3.01

References & Advisories

🔗 http://secunia.com/advisories/24872
🔗 http://www.securityfocus.com/bid/23441
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33600
🔗 http://secunia.com/advisories/24872
🔗 http://www.securityfocus.com/bid/23441
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33600

関連する脆弱性情報

CVE-2007-210010.0

FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers ...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-023610.0

Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attacker...